Nicolas Williams wrote: > Questions for security-discuss: > > Is there any project to parallelize parallelizable cipher modes where > it makes sense?
Active project no. On the todo list to get to sometime yes. > Do we want to provide an option for the 'none' SSHv2 cipher? I don't. I think it is a very bad idea. However I would be willing to reassess this after the networking changes have been done if they still don't show good enough performance. Other things to consider are how to get ride of the pipe(2) between sftp/scp and ssh on the client side. Also consider if it would help if sftp-server were integrated into sshd on the server side. Basically I'm not convinced enough that the crypto (once we can use the hardware) is actually the biggest performance problem with scp/sftp. For what it is worth when performance matters or the data is more than a single small file I don't use scp or sftp I use rsync over ssh instead and find it performs much better and I get all the benefits of rsync. -- Darren J Moffat
